Data corruption in qemu_rbd_co_block_status
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
qemu (Ubuntu) | Fix Released | Undecided | Unassigned | | |
Bug Description
Hi Christian,
we have started testing jammy and triggered a qemu bug which has already been fixed upstream.
The qemu 6.2 in jammy has currently a buggy implementation of .bdrv_co_
This can result in data corruption and/or crash of the instance.
https:/
Please consider backporting the following patches into qemu jammy before the release:
https:/
https:/
A reproducer is in the Ceph tracker. Trying to create a qcow2 snapshot from a running rbd-backed virtual machine will lead to a crash of the virtual machine, e.g.
```
# virsh snapshot-create-as --domain vm-123 --no-metadata --disk-only --diskspec sda,file=
```
Resulting core dump:
```
#0 0x00007fbaee61f18b in raise () from /lib/x86_
#1 0x00007fbaee5fe859 in abort () from /lib/x86_
#2 0x00007fbaee5fe729 in ?? () from /lib/x86_
#3 0x00007fbaee60ff36 in __assert_fail () from /lib/x86_
#4 0x00007fbaed64663f in qemu_rbd_
#5 0x00005566ab8f574c in bdrv_co_
#6 0x00005566ab8f582b in bdrv_co_
#7 0x00005566ab8f8589 in bdrv_co_
#8 0x00005566ab8c975a in bdrv_common_
#9 0x00005566ab8f8920 in bdrv_co_
#10 0x00005566ab91c924 in is_zero_cow (m=0x5566ac938660, bs=0x5566acdf0400) at ../../block/
#11 handle_alloc_space (l2meta=<optimized out>, bs=0x5566acdf0400) at ../../block/
#12 qcow2_co_
#13 qcow2_co_
#14 0x00005566ab919866 in qcow2_add_task (bs=bs@
#15 0x00005566ab919fe7 in qcow2_co_
#16 0x00005566ab8f9099 in bdrv_driver_pwritev (bs=bs@
#17 0x00005566ab8fb15f in bdrv_aligned_
#18 0x00005566ab8fbba8 in bdrv_co_
#19 0x00005566ab8ec21d in blk_co_
#20 0x00005566ab8ec38f in blk_aio_write_entry (opaque=
#21 0x00005566ab9ddaa3 in coroutine_
#22 0x00007fbaee637660 in ?? () from /lib/x86_
#23 0x00007ffc5fa8c270 in ?? ()
#24 0x0000000000000000 in ?? ()
```
Related branches
- Utkarsh Gupta (community): Needs Information
- Canonical Server packageset reviewers: Pending requested
- git-ubuntu import: Pending requested
Diff: 223 lines (+167/-4), 6 files modified
debian/changelog (+9/-0)
debian/control (+2/-1)
debian/control-in (+2/-3)
debian/patches/series (+2/-0)
debian/patches/ubuntu/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch (+54/-0)
debian/patches/ubuntu/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch (+98/-0)
Changed in qemu (Ubuntu):
status: Confirmed → In Progress
Status changed to 'Confirmed' because the bug affects multiple users.